--
-- GlobalDirectives.ASN
--

--#comment "Copyright (C) Microsoft Corporation, 1996-1999. All rights reserved."--
--#comment "ASN.1 definitions for GlobalDirectives"--

-- The three lines below, like every other comment in this file that opens
-- with a hash sign, look like directives for the ASN.1 compiler that
-- generates the encoder and decoder. Keep them byte for byte when editing.
-- NOTE(review): the 16-node fixed array bounds the object identifiers the
-- generated code can hold. How a longer identifier in untrusted input is
-- handled (rejected or truncated) is not visible here; confirm it is rejected.
--#oid array-- -- object identifier is 16-node fixed array
--#SS.basic lenptr-- -- set of and sequence of w/o size constraint
--#SS.sized lenptr-- -- set of and sequence of w/ size constraint


-- Module PKCS. EXPLICIT TAGS is the module default, so a context tag below is
-- explicit unless the field itself says IMPLICIT.
PKCS
DEFINITIONS EXPLICIT TAGS ::=
BEGIN

-- Primitive aliases used by the rest of the module.
ObjectID ::= OBJECT IDENTIFIER --#public-- --#oid array--
-- ANY places no constraint on the value: whatever is encoded in that position
-- is accepted by this schema and must be interpreted by the caller.
Any ::= ANY

ObjectIdentifierType ::= ObjectID --#public--
OctetStringType ::= OCTET STRING --#public--
IntegerType ::= INTEGER --#public--
-- NOTE(review): intx presumably selects a variable length representation for
-- integers wider than a machine word; confirm in the compiler documentation.
HugeIntegerType ::= INTEGER --#intx-- --#public--

BitStringType ::= BIT STRING --#lenptr--

------------------------------------------------------------------------------
-- Algorithm OID plus optional parameters. parameters is ANY, so this schema
-- accepts any encoded value there; code that consumes an AlgorithmIdentifier
-- has to validate the parameters for the algorithm named by the OID.
AlgorithmIdentifier ::= SEQUENCE {
    algorithm ObjectID,
    parameters ANY --#field "parameters"-- OPTIONAL
} --#public--
-- Same layout, with the nomemcpy directive on parameters.
-- NOTE(review): nomemcpy presumably makes the decoded value point into the
-- encoded input instead of copying it. If so, the value is only valid while
-- that input buffer is alive and unmodified; confirm against the compiler.
AlgorithmIdentifierNC2 ::= SEQUENCE {
    algorithm ObjectID,
    parameters ANY --#nomemcpy-- --#field "parameters"-- OPTIONAL
} --#public--

-- Digest algorithm together with the digest value.
DigestInfo ::= SEQUENCE {
    digestAlgorithm DigestAlgorithmIdentifier,
    digest Digest
} --#public--

DigestAlgorithmIdentifier ::= AlgorithmIdentifier

-- No size constraint: the schema does not tie the digest length to the
-- algorithm, so a length check belongs in the code that compares digests.
Digest ::= OCTET STRING

-- X.509 and PKCS-6 structures are carried as ANY: this module does not decode
-- or validate the inside of a Name, Certificate or CRL. Separate code has to
-- parse and check them before anything in them is trusted.
-- The NC types repeat a definition with the nomemcpy directive.
-- NOTE(review): nomemcpy presumably leaves the decoded value pointing into the
-- encoded input; if so it must not outlive that buffer. Confirm.
CertificateRevocationList ::= ANY -- hacked from X.509
CertificateRevocationListNC ::= ANY --#nomemcpy--
CertificateSerialNumber ::= HugeIntegerType -- copied from X.509
Name ::= ANY -- hacked from X.509
Certificate ::= ANY -- hacked from PKCS-6
CertificateNC ::= ANY --#nomemcpy--
AlgorithmIdentifiers ::= SET --#public-- OF AlgorithmIdentifier
AttributeSetValue ::= SET --#public-- OF ANY
AttributeSetValueNC ::= SET --#public-- OF ANY --#nomemcpy--
-- Unlike AlgorithmIdentifierNC2, this form keeps the whole identifier as one
-- undecoded ANY.
AlgorithmIdentifierNC ::= ANY --#nomemcpy--
DigestAlgorithmIdentifierNC ::= AlgorithmIdentifierNC
SetOfAny ::= SET --#public-- OF ANY

-- An attribute is an OID with a set of values. The values are ANY, so their
-- syntax is only known once attributeType has been looked up by the caller.
Attribute ::= SEQUENCE { -- hacked from X.509
    attributeType ObjectID,
    attributeValue AttributeSetValue }
-- Decoded attribute whose values carry the nomemcpy directive.
AttributeNC2 ::= SEQUENCE {
    attributeType ObjectID,
    attributeValue AttributeSetValueNC } --#public--
-- Whole attribute kept as one undecoded ANY.
AttributeNC ::= ANY --#nomemcpy--

-- The sets have no size constraint, so an empty set and repeated attribute
-- types both pass the schema.
Attributes ::= SET --#public-- OF Attribute -- hacked from X.509
AttributesNC ::= SET --#public-- --#type "AttributesNC"-- OF AttributeNC
AttributesNC2 ::= SET --#public-- --#type "AttributesNC2"-- OF AttributeNC2

-- Bags of CRLs and certificates. The members are ANY (see the element types),
-- so nothing in these sets has been parsed or validated by the decoder.
CertificateRevocationLists ::=
    SET --#type "Crls"--
    OF CertificateRevocationList

CertificateRevocationListsNC ::=
    SET --#public-- --#type "CrlsNC"--
    OF CertificateRevocationListNC

-- Role specific names for AlgorithmIdentifier and its NC forms.
ContentEncryptionAlgId ::= AlgorithmIdentifier
ContentEncryptionAlgIdNC ::= AlgorithmIdentifierNC

DigestEncryptionAlgId ::= AlgorithmIdentifier -- X.509
-- Note the NC2 base here: the OID is decoded, only parameters stay undecoded.
DigestEncryptionAlgIdNC ::= AlgorithmIdentifierNC2

Certificates ::=
    SET --#type "Certificates"--
    OF Certificate
CertificatesNC ::=
    SET --#public-- --#type "CertificatesNC"--
    OF CertificateNC

-- Identifies a certificate by issuer name and serial number. issuer is an
-- undecoded ANY (see Name), so how two issuers are compared is decided
-- entirely by the calling code.
IssuerAndSerialNumber ::= SEQUENCE {
    issuer Name, -- X.509
    serialNumber CertificateSerialNumber -- X.509
} --#public--

KeyEncryptionAlgId ::= AlgorithmIdentifier

ContentType ::= ObjectID

-- Outer wrapper: a content type OID and the optional content itself.
-- content is ANY; the schema does not bind it to contentType, so the consumer
-- must decode it as the type the OID names and fail if that does not parse.
ContentInfo ::= SEQUENCE {
    contentType ContentType,
    content [0] EXPLICIT ANY --#field "content"-- --#value "content"-- OPTIONAL
} --#public--

-- Same wrapper with the nomemcpy directive on content.
ContentInfoNC ::= SEQUENCE {
    contentType ContentType,
    content [0] EXPLICIT ANY --#nomemcpy-- --#field "content"-- --#value "content"-- OPTIONAL
} --#public--

Data ::= OCTET STRING

-- Signed content: digest algorithms, the content, optional certificates and
-- CRLs, and one SignerInfo per signer.
-- NOTE(review): version is an unconstrained INTEGER, and nothing here ties a
-- SignerInfo digestAlgorithm to the digestAlgorithms set. Both checks, and the
-- validation of the bundled certificates and CRLs, belong to the verifier.
SignedData ::= SEQUENCE {
    version INTEGER,
    digestAlgorithms DigestAlgorithmIdentifiers,
    contentInfo ContentInfo,
    certificates [0] IMPLICIT Certificates OPTIONAL,
    crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
    signerInfos SignerInfos
} --#public--

DigestAlgorithmIdentifiers ::=
    SET OF DigestAlgorithmIdentifier -- PKCS-1
DigestAlgorithmIdentifiersNC ::=
    SET --#public-- --#type "DigestAlgorithmIdentifiersNC"-- OF DigestAlgorithmIdentifierNC

-- No size constraint: an empty set of signers passes the schema.
SignerInfos ::= SET --#public-- OF SignerInfo

-- One signer: who signed (sid), with which algorithms, and the signature.
-- NOTE(review): in PKCS-7 the signature covers authenticatedAttributes encoded
-- under the universal SET OF tag rather than the [0] tag used on the wire;
-- confirm the verifier re-encodes accordingly. Going by the field name,
-- unauthenticatedAttributes are outside the signature and should be handled as
-- untrusted input.
SignerInfo ::= SEQUENCE {
    version INTEGER,
    -- sid may only be issuerAndSerialNumber or subjectKeyIdentifier
    sid CertIdentifier,
    digestAlgorithm DigestAlgorithmIdentifier, -- PKCS-1
    authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL,
    digestEncryptionAlgorithm DigestEncryptionAlgId,
    encryptedDigest EncryptedDigest,
    unauthenticatedAttributes [1] IMPLICIT Attributes
        --#field "unauthAttributes"-- OPTIONAL
} --#public--

-- Blob views: the same wire layout as SignedData, with the members left as
-- undecoded ANY values carrying the nomemcpy directive.
-- NOTE(review): nomemcpy presumably means these values reference the encoded
-- message rather than a copy; if so they must not be used after that buffer is
-- freed or changed. Confirm against the compiler documentation.
DigestAlgorithmBlobs ::= SET --#public-- OF DigestAlgorithmBlob

DigestAlgorithmBlob ::= ANY --#nomemcpy--

SignedDataWithBlobs ::= SEQUENCE {
    version INTEGER,
    digestAlgorithms DigestAlgorithmIdentifiersNC,
    contentInfo ContentInfoNC,
    certificates [0] IMPLICIT CertificatesNC OPTIONAL,
    crls [1] IMPLICIT CertificateRevocationListsNC OPTIONAL,
    signerInfos SignerInfosNC
} --#public--

-- Each signer info stays one undecoded ANY; none of its fields is checked at
-- this level.
SignerInfosNC ::= SET --#public-- OF ANY --#nomemcpy--

-- Three partial views of SignerInfo that leave some or all fields undecoded.
SignerInfoWithAABlobs ::= SET OF SignerInfoWithAABlob

-- Every field except the trailing attributes is an undecoded ANY.
-- NOTE(review): authenticatedAttributes is a mandatory, untagged ANY here,
-- while SignerInfo declares it [0] IMPLICIT and OPTIONAL. On a signer info
-- without authenticated attributes the remaining fields would presumably be
-- matched one position off; confirm callers only apply this view when the
-- attributes are present.
SignerInfoWithAABlob ::= SEQUENCE {
    version ANY --#nomemcpy--,
    sid ANY --#nomemcpy--,
    digestAlgorithm ANY --#nomemcpy--,
    authenticatedAttributes ANY --#nomemcpy--,
    digestEncryptionAlgorithm ANY --#nomemcpy--,
    encryptedDigest ANY --#nomemcpy--,
    unauthenticatedAttributes [1] IMPLICIT AttributesNC
        --#field "dummyUAAs"-- OPTIONAL
} --#public--

-- Decodes both attribute sets and the signature algorithm; version, sid,
-- digestAlgorithm and encryptedDigest stay undecoded, so this view performs no
-- check on them.
SignerInfoWithAttrBlobs ::= SEQUENCE {
    version ANY --#nomemcpy--,
    sid ANY --#nomemcpy--,
    digestAlgorithm ANY --#nomemcpy--,
    authenticatedAttributes [0] IMPLICIT AttributesNC
        --#field "authAttributes"-- OPTIONAL,
    digestEncryptionAlgorithm DigestEncryptionAlgIdNC,
    encryptedDigest ANY --#nomemcpy--,
    unauthenticatedAttributes [1] IMPLICIT AttributesNC
        --#field "unauthAttributes"-- OPTIONAL
} --#public--

-- Field for field the layout of SignerInfo, built from the NC types.
SignerInfoWithBlobs ::= SEQUENCE {
    version INTEGER,
    sid CertIdentifierNC,
    digestAlgorithm DigestAlgorithmIdentifierNC,
    authenticatedAttributes [0] IMPLICIT AttributesNC2
        --#field "authAttributes"-- OPTIONAL,
    digestEncryptionAlgorithm DigestEncryptionAlgIdNC,
    encryptedDigest EncryptedDigestNC,
    unauthenticatedAttributes [1] IMPLICIT AttributesNC2
        --#field "unauthAttributes"-- OPTIONAL
} --#public--

-- The signature value. No size constraint is declared.
EncryptedDigest ::= OCTET STRING
EncryptedDigestNC ::= OCTET STRING --#nomemcpy--

-- Encrypted content plus one RecipientInfo per recipient.
-- NOTE(review): nothing in this structure authenticates the ciphertext;
-- integrity has to come from an enclosing or separate signature.
EnvelopedData ::= SEQUENCE {
    version INTEGER,
    recipientInfos RecipientInfos,
    encryptedContentInfo EncryptedContentInfo
} --#public--

-- No size constraint: an empty set of recipients passes the schema.
RecipientInfos ::= SET --#public-- OF RecipientInfo

-- encryptedContent is OPTIONAL, so a consumer has to handle its absence
-- explicitly instead of assuming a ciphertext is always present.
EncryptedContentInfo ::= SEQUENCE {
    contentType ContentType,
    contentEncryptionAlgorithm ContentEncryptionAlgId,
    encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL
} --#public--

EncryptedContent ::= OCTET STRING

-- Per recipient key material: the recipient certificate and the content key
-- encrypted for it.
RecipientInfo ::= SEQUENCE {
    version INTEGER,
    issuerAndSerialNumber IssuerAndSerialNumber,
    keyEncryptionAlgorithm KeyEncryptionAlgId,
    encryptedKey EncryptedKey
} --#public--

EncryptedKey ::= OctetStringType

-- Combined form: the recipient list and encrypted content of EnvelopedData
-- together with the digest algorithms, certificates, CRLs and signer infos of
-- SignedData. version is an unconstrained INTEGER in all three types below.
SignedAndEnvelopedData ::= SEQUENCE {
    version INTEGER,
    recipientInfos RecipientInfos,
    digestAlgorithms DigestAlgorithmIdentifiers,
    encryptedContentInfo EncryptedContentInfo,
    certificates [0] IMPLICIT Certificates OPTIONAL,
    crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
    signerInfos SignerInfos
} --#public--

-- Content with an unkeyed digest. The structure carries no key or signer, so
-- the digest alone does not show who produced the content.
DigestedData ::= SEQUENCE {
    version INTEGER,
    digestAlgorithm DigestAlgorithmIdentifier,
    contentInfo ContentInfo,
    digest Digest
} --#public--

-- Encrypted content with no recipient information; the key is not carried in
-- this structure.
EncryptedData ::= SEQUENCE {
    version INTEGER,
    encryptedContentInfo EncryptedContentInfo
} --#public--


--------------------------------------------
-- CMS Changes
--------------------------------------------


--------------------------------------------
-- New Cert Identifier
--------------------------------------------
-- Two ways to name a certificate. The alternative is chosen by tag: an
-- untagged SEQUENCE is issuerAndSerialNumber, [0] is subjectKeyIdentifier.
-- NOTE(review): a subject key identifier is a plain octet string with no size
-- constraint here; how it is matched to a certificate is up to the caller.
CertIdentifier ::= CHOICE {
    issuerAndSerialNumber IssuerAndSerialNumber
        --#field "issuerAndSerialNumber"--,
    subjectKeyIdentifier [0] IMPLICIT SubjectKeyIdentifier

        --#field "subjectKeyIdentifier"--
} --#public--

-- Undecoded form: the schema does not restrict which alternative, if any,
-- the value holds.
CertIdentifierNC ::= ANY --#nomemcpy--

SubjectKeyIdentifier ::= OctetStringType


--------------------------------------------
-- New CMS version of EnvelopedData
--------------------------------------------
-- Adds optional originatorInfo and unprotectedAttrs to EnvelopedData and uses
-- the CMS recipient choice.
-- NOTE(review): going by the field name, unprotectedAttrs are covered neither
-- by encryption nor by a signature; handle them as untrusted input.
CmsEnvelopedData ::= SEQUENCE {
    version INTEGER,
    originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
    recipientInfos CmsRecipientInfos,
    encryptedContentInfo EncryptedContentInfo,
    unprotectedAttrs [1] IMPLICIT Attributes OPTIONAL
} --#public--

-- Certificates and CRLs supplied by the sender. Their members are ANY and are
-- not validated by the decoder.
OriginatorInfo ::= SEQUENCE {
    certificates [0] IMPLICIT Certificates OPTIONAL,
    crls [1] IMPLICIT CertificateRevocationLists OPTIONAL
} --#public--

-- Same layout built from the NC set types.
OriginatorInfoNC ::= SEQUENCE {
    certificates [0] IMPLICIT CertificatesNC OPTIONAL,
    crls [1] IMPLICIT CertificateRevocationListsNC OPTIONAL
} --#public--

--------------------------------------------
-- New CMS version of RecipientInfos
--------------------------------------------
CmsRecipientInfos ::= SET --#public-- OF CmsRecipientInfo

-- One recipient entry. The alternative is selected by tag alone: an untagged
-- SEQUENCE is key transport, [1] is key agreement, [2] is mail list.
-- Each alternative also has a version field; the schema does not require it
-- to agree with the alternative that was selected.
CmsRecipientInfo ::= CHOICE {
    keyTransRecipientInfo KeyTransRecipientInfo,
    keyAgreeRecipientInfo [1] IMPLICIT KeyAgreeRecipientInfo,
    mailListRecipientInfo [2] IMPLICIT MailListRecipientInfo
} --#public--

--------------------------------------------
-- Key Transport RecipientInfo
--------------------------------------------
-- Content key encrypted directly for the certificate named by rid.
-- NOTE(review): the version values in the comment below are not declared as a
-- constraint, so the decoder accepts any INTEGER; enforce them in code.
KeyTransRecipientInfo ::= SEQUENCE {
    version INTEGER, -- always set to 0 or 2
    -- rid may only be issuerAndSerialNumber or subjectKeyIdentifier
    rid CertIdentifier,
    keyEncryptionAlgorithm KeyEncryptionAlgId,
    encryptedKey EncryptedKey
} --#public--

--------------------------------------------
-- Key Agreement RecipientInfo
--------------------------------------------
-- Key agreement entry: originator identity or key, optional user keying
-- material, and one encrypted key per recipient.
-- NOTE(review): the comment inside the SEQUENCE names originatorCert and two
-- alternatives, but the field is originator and OriginatorIdentifierOrKey
-- below also allows originatorKey. Either the comment is stale or the code
-- restricts the choice; confirm which. The version value is likewise not
-- declared as a constraint.
KeyAgreeRecipientInfo ::= SEQUENCE {
    version INTEGER, -- always set to 3
    -- originatorCert may only be issuerAndSerialNumber or subjectKeyIdentifier
    originator [0] EXPLICIT OriginatorIdentifierOrKey,
    ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL,
    keyEncryptionAlgorithm KeyEncryptionAlgId,
    recipientEncryptedKeys RecipientEncryptedKeys
} --#public--


-- originatorKey carries a public key inside the message itself. The schema
-- does not link it to any certificate, so it says nothing about who sent it.
OriginatorIdentifierOrKey ::= CHOICE {
    issuerAndSerialNumber IssuerAndSerialNumber
        --#field "issuerAndSerialNumber"--,
    subjectKeyIdentifier [0] IMPLICIT SubjectKeyIdentifier
        --#field "subjectKeyIdentifier"--,
    originatorKey [1] IMPLICIT OriginatorPublicKey
}

-- The algorithm parameters are ANY and the key is an unconstrained BIT STRING;
-- validating the key for the named algorithm is left to the consumer.
OriginatorPublicKey ::= SEQUENCE {
    algorithm AlgorithmIdentifier,
    publicKey BitStringType
}

-- No size constraint: an empty sequence passes the schema.
RecipientEncryptedKeys ::= SEQUENCE OF RecipientEncryptedKey

UserKeyingMaterial ::= OctetStringType

RecipientEncryptedKey ::= SEQUENCE {
    rid RecipientIdentifier,
    encryptedKey EncryptedKey
}

RecipientIdentifier ::= CHOICE {
    issuerAndSerialNumber IssuerAndSerialNumber
        --#field "issuerAndSerialNumber"--,
    rKeyId [0] IMPLICIT RecipientKeyIdentifier
}

RecipientKeyIdentifier ::= SEQUENCE {
    subjectKeyIdentifier SubjectKeyIdentifier,
    date GeneralizedTime
        --#field "date"-- OPTIONAL,
    other OtherKeyAttribute
        --#field "other"-- OPTIONAL
}

-- keyAttr is ANY; its syntax is only known once keyAttrId has been looked up.
OtherKeyAttribute ::= SEQUENCE {
    keyAttrId ObjectID,
    keyAttr ANY OPTIONAL
}


--------------------------------------------
-- Mail List RecipientInfo
--------------------------------------------
-- Content key wrapped for a recipient identified by mlid.
-- NOTE(review): as with the other recipient types, the version value in the
-- comment is not declared as a constraint and has to be checked in code.
MailListRecipientInfo ::= SEQUENCE {
    version INTEGER, -- always set to 4
    mlid MailListKeyIdentifier,
    keyEncryptionAlgorithm KeyEncryptionAlgId,
    encryptedKey EncryptedKey
} --#public--

-- kekIdentifier is an octet string with no size constraint that is read from
-- the message; validate it before using it to look up a key.
MailListKeyIdentifier ::= SEQUENCE {
    kekIdentifier OctetStringType,
    date GeneralizedTime
        --#field "date"-- OPTIONAL,
    other OtherKeyAttribute
        --#field "other"-- OPTIONAL
}


END